wormclaude 1.0.13 → 1.0.15

package/dist/tools.js

@@ -8,10 +8,14 @@ import * as os from 'node:os';
 import * as path from 'node:path';
 import { loadConfig } from './api.js';
 import { runAgentLoop } from './agent.js';
+import { resolveSubagent, subagentTypesHint } from './subagents.js';
+import { saveMemoryFact } from './memory.js';
 import { tasks } from './tasks.js';
 import { getMcpToolSchemas, callMcpTool } from './mcp.js';
 import { getSkills, getSkill, buildSkillPrompt } from './skills.js';
 import { getExcludedTools } from './extensions.js';
+import { checkCommand } from './cmdsec.js';
+import * as Diff from 'diff';
 import * as computer from './computer.js';
 // Agent/alt-agent araçlarının backend'e ulaşması için config. cli.tsx başlangıçta
 // setToolConfig ile aynı (mutable) config nesnesini verir → /config değişiklikleri görülür.
@@ -299,12 +303,13 @@ export const toolSchemas = [
         type: 'function',
         function: {
             name: 'Agent',
-            description: AGENT_DESCRIPTION,
+            description: AGENT_DESCRIPTION + '\n\nAvailable subagent_type values (specialized prompt + restricted tools):\n' + subagentTypesHint(),
             parameters: {
                 type: 'object',
                 properties: {
                     description: { type: 'string', description: 'A short (3-5 word) description of the task' },
                     prompt: { type: 'string', description: 'The detailed, self-contained task for the sub-agent to perform' },
+                    subagent_type: { type: 'string', description: 'Optional: specialized agent to use (e.g. general-purpose, security-recon, code-explorer). Selects a tailored system prompt and a restricted tool set. Omit for a general sub-agent.' },
                     run_in_background: { type: 'boolean', description: 'Run the sub-agent in the background and return a task id (default false)' },
                 },
                 required: ['description', 'prompt'],
@@ -325,6 +330,21 @@ export const toolSchemas = [
             },
         },
     },
+    {
+        type: 'function',
+        function: {
+            name: 'SaveMemory',
+            description: 'Save a single concise fact to long-term memory so it persists across sessions. Use when the user explicitly asks you to remember something, or when you detect a durable preference, decision, project convention, or constraint worth keeping. Keep the fact short and self-contained. Do NOT use for transient or session-only details.',
+            parameters: {
+                type: 'object',
+                properties: {
+                    fact: { type: 'string', description: 'The specific, self-contained fact to remember (e.g. "User prefers Turkish responses", "Project uses pnpm not npm").' },
+                    scope: { type: 'string', enum: ['project', 'global'], description: 'project = this project only (default), global = all projects.' },
+                },
+                required: ['fact'],
+            },
+        },
+    },
     {
         type: 'function',
         function: {
@@ -538,6 +558,7 @@ const TOOL_META = {
     Scroll: { needsPermission: true, validate: (a) => (a && a.direction ? null : 'direction gerekli') },
     WebSearch: { readOnly: true, needsPermission: true, validate: (a) => (a && a.query ? null : 'query gerekli') },
     TodoWrite: { readOnly: true, validate: (a) => (a && Array.isArray(a.todos) ? null : 'todos dizisi gerekli') },
+    SaveMemory: { validate: (a) => (a && a.fact && String(a.fact).trim() ? null : 'fact gerekli') },
     PowerShell: { needsPermission: true, validate: (a) => (a && a.command ? null : 'command gerekli') },
     NotebookEdit: { needsPermission: true, validate: (a) => (a && a.notebook_path ? null : 'notebook_path gerekli') },
     REPL: { needsPermission: true, validate: (a) => (a && a.language && a.code ? null : 'language ve code gerekli') },
@@ -602,6 +623,17 @@ async function execOne(call, hooks) {
     if (planMode && !isReadOnly(call.name)) {
         return { ok: false, output: 'Plan modunda — yazma/komut engellendi. Önce ExitPlanMode ile planı onaylat.', args };
     }
+    // 3.5) Komut güvenliği (Bash/PowerShell) — cmdsec: deny→blokla, allow→izinsiz, confirm→izin akışı
+    if ((call.name === 'Bash' || call.name === 'PowerShell') && args && args.command) {
+        const chk = checkCommand(String(args.command));
+        if (chk.decision === 'deny') {
+            return { ok: false, output: `⛔ Güvenlik: komut engellendi — ${chk.reason || 'tehlikeli komut'}`, args };
+        }
+        if (chk.decision === 'allow') {
+            const res = await executeTool(call.name, args);
+            return { ...res, args };
+        }
+    }
     // 4) İzin (gerekiyorsa)
     if (needsPermission(call.name) && hooks?.confirm) {
         const decision = await hooks.confirm(call, args);
@@ -651,13 +683,53 @@ export async function executeToolCalls(calls, hooks) {
     return results;
 }
 // Alt-agent'a verilecek araç seti (özyineleme/iç içe agent engellenir).
-function subAgentTools() {
-    return allToolSchemas().filter((t) => t.function.name !== 'Agent' && t.function.name !== 'Skill');
+// allow verilirse yalnız o adlardaki araçlar bırakılır (uzman ajan tool-kısıtı).
+function subAgentTools(allow) {
+    let list = allToolSchemas().filter((t) => t.function.name !== 'Agent' && t.function.name !== 'Skill');
+    if (allow && allow.length) {
+        const set = new Set(allow);
+        const filtered = list.filter((t) => set.has(t.function.name));
+        if (filtered.length)
+            list = filtered; // boş kalırsa kısıtı yok say (güvenli geri dönüş)
+    }
+    return list;
 }
 const SUBAGENT_SYSTEM = 'You are a WormClaude sub-agent: an autonomous worker spawned to complete one specific task. ' +
     'Use your tools (Bash, Read, Write, Edit, Glob, Grep, WebFetch, TaskOutput) to do the work, ' +
     'then return a concise final report of what you did and any results requested. ' +
     'You have no memory beyond this task. Be thorough and finish the task end-to-end.';
+// Levenshtein mesafesi (küçük, dep'siz) — bilinmeyen tool adına en yakın öneriler.
+function levenshtein(a, b) {
+    const m = a.length, n = b.length;
+    if (!m)
+        return n;
+    if (!n)
+        return m;
+    let prev = Array.from({ length: n + 1 }, (_, i) => i);
+    let cur = new Array(n + 1);
+    for (let i = 1; i <= m; i++) {
+        cur[0] = i;
+        for (let j = 1; j <= n; j++) {
+            const cost = a[i - 1] === b[j - 1] ? 0 : 1;
+            cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
+        }
+        [prev, cur] = [cur, prev];
+    }
+    return prev[n];
+}
+// Bilinmeyen tool adı için " Did you mean 'X'?" önerisi (en yakın ≤3, makul mesafe).
+function suggestTools(unknown) {
+    const names = allToolSchemas().map((t) => t.function.name);
+    const ranked = names
+        .map((n) => ({ n, d: levenshtein(unknown.toLowerCase(), n.toLowerCase()) }))
+        .filter((x) => x.d <= Math.max(3, Math.floor(unknown.length / 2)))
+        .sort((a, b) => a.d - b.d)
+        .slice(0, 3)
+        .map((x) => `"${x.n}"`);
+    if (!ranked.length)
+        return '';
+    return ranked.length > 1 ? ` Did you mean one of: ${ranked.join(', ')}?` : ` Did you mean ${ranked[0]}?`;
+}
 export function toolLabel(name, args) {
     try {
         if (name === 'Bash')
@@ -675,9 +747,11 @@ export function toolLabel(name, args) {
         if (name === 'WebFetch')
             return `WebFetch(${args.url})`;
         if (name === 'Agent')
-            return `Agent(${args.description || ''}${args.run_in_background ? ', bg' : ''})`;
+            return `Agent(${args.description || ''}${args.subagent_type ? ':' + args.subagent_type : ''}${args.run_in_background ? ', bg' : ''})`;
         if (name === 'TaskOutput')
             return `TaskOutput(${args.task_id})`;
+        if (name === 'SaveMemory')
+            return `SaveMemory(${String(args.fact || '').slice(0, 50)})`;
         if (name === 'Skill')
             return `Skill(${args.name})`;
         if (name === 'WebSearch')
@@ -742,9 +816,9 @@ function walk(dir, out, depth = 0) {
 function globToRegex(pattern) {
     let re = pattern
         .replace(/[.+^${}()|[\]\\]/g, '\\$&')
-        .replace(/\*\*/g, '')
+        .replace(/\*\*/g, '\u0000')
         .replace(/\*/g, '[^/\\\\]*')
-        .replace(//g, '.*')
+        .replace(/\u0000/g, '.*')
         .replace(/\?/g, '.');
     return new RegExp(re + '$', 'i');
 }
@@ -764,6 +838,23 @@ const TYPE_EXT = {
     sh: ['sh', 'bash', 'zsh'],
 };
 // ── Executor ──────────────────────────────────────────────────────────────────
+// Edit/Write icin +/- satir ozeti (Diff paketiyle).
+function diffStat(oldStr, newStr) {
+    try {
+        let added = 0, removed = 0;
+        for (const part of Diff.diffLines(oldStr || '', newStr || '')) {
+            const n = part.count || (part.value ? part.value.split('\n').filter(Boolean).length : 0);
+            if (part.added)
+                added += n;
+            else if (part.removed)
+                removed += n;
+        }
+        return (added || removed) ? `  (+${added} -${removed})` : '';
+    }
+    catch {
+        return '';
+    }
+}
 export async function executeTool(name, args) {
     try {
         if (name === 'See') {
@@ -809,8 +900,12 @@ export async function executeTool(name, args) {
             return { ok: true, output: (out || '(no output)').slice(0, 20000) };
         }
         if (name === 'Agent') {
+            // Uzman ajan seçimi: subagent_type verilirse özel prompt + tool-kısıtı uygulanır.
+            const def = resolveSubagent(args.subagent_type);
+            const sysPrompt = def ? def.system : SUBAGENT_SYSTEM;
+            const subTools = subAgentTools(def?.tools);
             const subMessages = [
-                { role: 'system', content: SUBAGENT_SYSTEM },
+                { role: 'system', content: sysPrompt },
                 { role: 'user', content: String(args.prompt || '') },
             ];
             if (args.run_in_background) {
@@ -820,7 +915,7 @@ export async function executeTool(name, args) {
                         const { finalText } = await runAgentLoop({
                             config: cfg(),
                             messages: subMessages,
-                            tools: subAgentTools(),
+                            tools: subTools,
                             executeTool,
                             hooks: {
                                 onText: (t) => tasks.append(task.id, t),
@@ -840,7 +935,7 @@ export async function executeTool(name, args) {
             const { finalText } = await runAgentLoop({
                 config: cfg(),
                 messages: subMessages,
-                tools: subAgentTools(),
+                tools: subTools,
                 executeTool,
             });
             return { ok: true, output: finalText || '(sub-agent returned no text)' };
@@ -852,6 +947,16 @@ export async function executeTool(name, args) {
             const body = t.output.slice(-9000) || '(no output yet)';
             return { ok: true, output: `[${t.id}] ${t.kind} · ${t.status} · ${t.label}\n\n${body}` };
         }
+        if (name === 'SaveMemory') {
+            try {
+                const scope = args.scope === 'global' ? 'global' : 'project';
+                const file = saveMemoryFact(String(args.fact || ''), scope);
+                return { ok: true, output: `Hatıra kaydedildi (${scope}): "${String(args.fact).trim()}" → ${file}` };
+            }
+            catch (e) {
+                return { ok: false, output: `Hatıra kaydedilemedi: ${e?.message || e}` };
+            }
+        }
         if (name === 'Read') {
             const fp = args.file_path;
             if (!fs.existsSync(fp))
@@ -877,9 +982,16 @@ export async function executeTool(name, args) {
             if (fs.existsSync(fp) && !readFiles.has(norm(fp)))
                 return { ok: false, output: 'Error: existing file must be read first. Use the Read tool before overwriting.' };
             fs.mkdirSync(path.dirname(path.resolve(fp)), { recursive: true });
-            fs.writeFileSync(fp, args.content ?? '');
+            const _wnew = args.content ?? '';
+            const _wold = (() => { try {
+                return fs.readFileSync(fp, 'utf8');
+            }
+            catch {
+                return '';
+            } })();
+            fs.writeFileSync(fp, _wnew);
             readFiles.add(norm(fp));
-            return { ok: true, output: `Wrote ${fp} (${(args.content || '').length} chars)` };
+            return { ok: true, output: `Wrote ${fp} (${_wnew.length} chars)${diffStat(_wold, _wnew)}` };
         }
         if (name === 'Edit') {
             const fp = args.file_path;
@@ -900,9 +1012,10 @@ export async function executeTool(name, args) {
                     ok: false,
                     output: `Error: old_string is not unique (${count} matches). Provide more surrounding context or set replace_all: true.`,
                 };
+            const _ebefore = c;
             c = args.replace_all ? c.split(oldStr).join(newStr) : c.replace(oldStr, newStr);
             fs.writeFileSync(fp, c);
-            return { ok: true, output: `Edited ${fp}${args.replace_all ? ` (${count} occurrences)` : ''}` };
+            return { ok: true, output: `Edited ${fp}${args.replace_all ? ` (${count} occurrences)` : ''}${diffStat(_ebefore, c)}` };
         }
         if (name === 'Glob') {
             const base = args.path || process.cwd();
@@ -1182,7 +1295,7 @@ export async function executeTool(name, args) {
         }
         if (name.startsWith('mcp__'))
             return await callMcpTool(name, args);
-        return { ok: false, output: `Unknown tool: ${name}` };
+        return { ok: false, output: `Unknown tool: ${name}.${suggestTools(name)} Use exactly the registered tool names.` };
     }
     catch (e) {
         return { ok: false, output: `Error: ${e?.message || String(e)}` };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wormclaude",
-  "version": "1.0.13",
+  "version": "1.0.15",
   "description": "WormClaude CLI - uncensored security+code assistant (ink TUI, Claude-style)",
   "type": "module",
   "bin": {
@@ -14,6 +14,8 @@
   },
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.29.0",
+    "@types/diff": "^7.0.2",
+    "diff": "^9.0.0",
     "ink": "^5.0.1",
     "ink-spinner": "^5.0.0",
     "ink-text-input": "^6.0.0",